Ransomware Attacks Are Costly

By VaultTek | July 2, 2022

Ransomware Attacks are Costly

The threat of falling victim to ransomware is higher than ever before and continues to rise at an alarming rate as criminals leverage new methods and techniques for holding business data hostage.  Data encryption scams have evolved into methodical targeted attacks on businesses where criminals quietly infiltrate a network.  They lurk in the background, silently monitoring the environment undetected, and wait for the right moment to deliver their malicious assault in order to cause the most destruction possible.  Utilizing a hybrid of encryption tactics, criminals challenge businesses to weigh the importance and value of their data by demanding money in exchange for a key to unlock it.

In 2016, ransomware attacks on businesses were estimated to occur every 2 minutes.  The frequency of that estimate rose in 2019 to every 14 seconds.  Researchers predicted that this trend would continue and in 2021, a ransomware incident was estimated to occur every 11 seconds.  Researchers now predict that by 2031, cyberattacks on businesses will occur every 2 seconds (Cybercrime Magazine, https://cybersecurityventures.com/).  While 55% of businesses choose to pay the ransom to recover their data, this is not recommended or any guarantee that the criminals will restore what was stolen.  For others that choose not to pay the ransom, the recovery can be just as costly with an impact that reaches far into an organization.  The estimated cost in damages due to ransomware worldwide exceeded $20 Billion in 2021.  This is nearly double the amount reported in 2019.  By 2031, cyber security analysts expect the global cost in damages from ransomware to exceed $265 billion (Cybercrime Magazine, https://cybersecurityventures.com/).

Putting a Value on Your Data:  The Cost of Recovery

There is a misconception among business leaders that the easiest and cheapest way to recover from a ransomware attack is to pay the ransom.  The assumption is that the hijacked data will be quickly restored and that business operations will resume as normal with very little additional impact.  This false assumption, however, can leave businesses vulnerable to technical and financial demands they are unprepared to handle.  The reality of getting back to business after a ransomware attack is a layered process, and there are significant costs associated with the work and time required to remediate.  This level of effort is generally the same whether the ransom is paid or not.  Decision-makers, therefore, need to understand that the true cost of recovering is dependent on many factors of remediation that extend beyond the ransom itself.  The impact of these factors is often underestimated when businesses analyze the cost of recovering lost data.  Some of these factors are listed below:

  • Downtime (lost productivity)
  • Retrieval and analysis of backups available
  • Restore of data to systems
  • Personnel required
  • Outside expertise
  • Forensic investigation of event
  • Data clean-up
  • Equipment costs
  • Network costs
  • Security improvements to address vulnerabilities
  • Ransom (if paid)

Most advisors agree that paying a ransom to recover your data is not recommended and is a course of action that should be reserved as a last resort.  Law enforcement officials, including the Federal Bureau of Investigation (FBI) and Department of Justice (DOJ), highly discourage victims from paying the ransom.  There’s no guarantee that the criminals will produce the key to unlock the encrypted files, and this choice may lead to being targeted again.

Sometimes, paying the ransom can double the recovery cost, as reported in the results of a survey commissioned by Sophos in 2020 (http://www.sophos.com).  According to their published research analysis, the global average for remediation and recovery of a single ransomware attack on a business is reported to be over $730,000 without paying the ransom.  This conclusion is based on the results of an independent study of 5,000 IT managers across 26 countries.  Their survey results revealed that for small-medium size businesses (100-1,000 employees), the average cost of recovery following a ransomware attack can exceed $500,000.  For larger organizations (1,000-5,000 employees), that number can reach up to $1 million.  In addition, for those that choose to pay the ransom, the cost to remediate nearly doubles because the time-consuming effort required to address the situation remains the same.

Ensure your organization’s ability to recover from a costly ransomware attack by empowering your defenses with VaultTek.  Our vault-tight solution provides three layers of defense with our on-site backup appliance, Tekmate, and two U.S.-based data centers – keeping the data that matters most close to home.  Our personalized approach to data backup and monitoring means you’ll have a dedicated expert who understands your business standing by to answer your questions and ease recovery.  Contact us today to start the conversation about your data protection needs.